Posts

Tips to Stay Digitally Safe on Spring Break

Give me a break! In the next month, students will get the week off for spring break—a much needed reward after months of hard work and, for some, gnarly winter weather. Spring break means free time, family vacations, trips with friends, and timeless memories.

7WBut, spring break can pose some risks to your online reputation and your identity. So whether you are going to party it up in the Caribbean or you are taking the kids to Disney World, here are some tips to keep you digitally safe this spring break.

  1. Don’t bring more technology than you have to. Do you really need to bring your laptop, tablet, and smartphone on your beach vacation? The more devices you bring, the more chances for someone to steal or compromise your device and your personal data.
  2. Backup your data. No matter what devices you decide to bring, make sure you back them up before you leave. You don’t know what will happen on your trip, don’t risk your data.
  3. Share when you get home. It’s tempting to share that family picture with Mickey, but it could alert thieves that you aren’t home. Wait until you return home before you share your vacation pictures online.
  4. Review your privacy settings. Just because you aren’t sharing anything from your spring break on social media, doesn’t mean that your friends aren’t. Check up on your privacy settings so you can manage who sees your content, and as best as possible, what others say about you. That embarrassing video of your belly flop doesn’t need to be seen by everyone.
  5. Be careful when using public Wi-Fi. Don’t log on to bank/credit card sites or shop online when using a public Internet connection. You don’t know who else is on your network.
  6. Install security software on all your devices. Use comprehensive security software likeMcAfee LiveSafe™ service to protect your devices no matter where you are.

Have a great spring break!

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

15 tips to Protect your Digital Life

How much of “you” is stored inside your smartphone? For some of you, the answer will be “My entire life.” And that’s practically true. For many, all sorts of highly private, sensitive information, including photos, are stored in that little device called a smartphone.

7WBut here is a better question: Did you know that “you” can be hacked into or in some other way stolen? And remotely at that? And some hacking methods can be very sly and sneaky. Even if your device is tethered to your waist every second, you still need to protect it from remote thieves. Here’s how to protect your smartphone.

  1. Customize your mobile so that if some smart-azz at a party snatches it, they won’t be able to figure out how to get your information. Use a custom lock screen and ambiguous icons for nameless applications—the dork-head won’t have a clue. Do you really want to have an icon sitting on your screen labeled “Finances,” “Banking Info” or “Hot Pics”? Remove default apps too. This won’t stop a skilled hacker, but it will stop the typical doofus in his tracks.
  2. Avoid public Wi-Fi such as at airports, hotels and coffee houses unless you are using a VPN from Hotspot Shield.
  3. Disable your GPS to keep your location hidden.
  4. Stay clear of unofficial versions of the popular applications. These are often found on 3rd party sites.
  5. If you use Google maps, disable or don’t enter your home address.
  6. If you’re not using the Internet, get offline.
  7. Keep far from applications that require some kind of strange permission.
  8. Don’t save your passwords in your browser, even though this is convenient. Instead use a password manager; this is more secure.
  9. Enable a passcode on your device. If you have an Android, customize your lock screen. For the iPhone, use a longer passcode, not a PIN.
  10. Go through all of your apps to make sure that they don’t have access to personal information that you don’t want them to have access to. Pay close attention to all of those checkboxes you click for the “agreement” portions of installing apps. Every month, audit your apps.
  11. Never save a password in a very private application like that of your bank’s. Having to log in every time is a small fee to pay for the security this brings. Similarly, always log out completely from your e-mail every time you’re done using it.
  12. Use cloud encryption for your personal information. The Android allows encryption for all data on the device.
  13. Keep the phone’s operating system and app software updated. Don’t get lax with this.
  14. Anti-theft software. Enable the remote wipe function. This kind of app will help you locate a lost or stolen smartphone, but don’t delay in setting this up.
  15. Keep a backup of all of your device’s data.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How to safely and securely recycles Devices

Don’t just throw out your old devices; take measures to protect your personal information.

13DBack Up

Before ridding your device, back up everything on it—everything. Use an automated PC service and/or a flash drive. For the iOS and Android, activate Apple’s iCloud or the Google Auto Backup service.

Wipe

Wiping refers to removing all your data. Simply hitting “delete” or reformatting the hard drive won’t do. I purchased 30 used computers off Craigslist, scoured their hard drives with a forensics expert, and discovered that half of the devices—that had been reformatted—still had personal information.

To wipe Windows PCs, you can use Active KillDisk. For Macs, use the OS X Disk Utility or WipeDrive. “A factory reset should be enough to secure most recent smartphones, provided that you remove any SIM cards that could contain personal info. To be super safe, use Blancco Mobile to wipe the iOS or Android.

Destroy

If you can’t wipe the device, destroy it if you don’t plan on donating or reselling. For example, I recently recycled a laptop that was missing its power supply, so there was no way to turn it on and wipe the disc. Instead I removed the hard drive with a screwdriver, and then took a sledgehammer to it. (Aside from protecting my personal data, it was also a lot of fun.)

Recycle
Ask the recycling company just who does the downstream recycling so that your e-waste doesn’t find its way into a foreign landfill. Make sure the company is part of R2 (Responsible Recycling) or e-Stewards certification programs.

Keep Records

Make sure you document donations with a receipt so that the IRS can give you a little return.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Windows XP not dead yet—but users Beware

Would you reasonably expect success when attempting to drive cross country in a 1975 Pinto with balled tires, no brakes, dried cracked belts and with already 250k on the motor? You might if you didn’t stop and think about things.

winxpThe same is true of an individual or a business who’s still using a Windows XP operating system on devices that have even 1 megabyte of sensitive data. You cannot reasonably expect security with one of the most hacked operating systems in existence.

But I digress. Fret not, there’s temporary hope yet for Windows XP procrastinators: Microsoft is extending support into 2015. It was previously believed that April 8, 2014 was the end of the world for support towards MS Security Essentials, System Center Endpoint Protection, Forefront Endpoint Protection and Forefront Client Security.

This meant that on that date, new malware signatures plus engine updates to XP users would cease, even though updates for the same software that was running on Windows Vista would continue to be provided.

However, a recent blog post by Microsoft’s Malware Protection Center notes that XP users will continue receiving support—but it won’t last long: July 14, 2015 will be here before business owners know it.

With hackers swarming in like killer bees, knowing that XP’s support’s days are limited, XP users must stay in heavyweight mode for any attacks. Thieves can even use new security updates for Windows Vista (and later) as a guide to hacking into systems running on XP.

Anti-malware solutions aren’t very effective on operating systems that lack support, and hackers know this. But more alarming is that fewer users, including business owners, are ready to accept this or even have a clue about it.

After all, it’s estimated that almost 30 percent of all the personal computers across the world are using Windows XP. Business owners and other decision makers of organizations need to overestimate just how risky it is to cling onto an old favorite rather than promptly switch to a new system that has stronger support.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Tightening up Security is Everyone’s Responsibility

Most information technology (IT) experts are very much unnerved by cyber criminals, says the biggest study involving surveys of IT professionals in mid-sized businesses.3D

  • 87% send data to cloud accounts or personal e-mail.
  • 58% have sent data to the wrong individual.
  • Over 50% have confessed to taking company data with them upon leaving a post.
  • 60% rated their company a “C” or worse for preparation to fight a cyber threat.

Here is an executive summary and a full report of the survey’s results.

second study as well revealed high anxiety among mid-size business IT professionals.

  • Over 50% of those surveyed expressed serious concern over employees bringing malware into an organization: 56% for personal webmail and 58% for web browsing.
  • 74% noted that their organization’s networks had been infiltrated by malware that was brought in by web surfing; and 64 percent via e-mail—all in the past 12 months.

The above study is supported by this study.

  • 60% of respondents believed that the greatest risk was employee carelessness.
  • 44% cited low priority given to security issues in the form of junior IT managers being given responsibility for security decisions.

The first (biggest) study above showed that about 50% of C-level management actually admitted that it was their responsibility to take the helm of improving security.

And about half of lower level employees believed that IT security staff should take the responsibility—and that they themselves, along with higher management, should be exempt.

The survey size in these studies was rather small. How a question is worded can also influence the appearance of findings. Nevertheless, a common thread seems to have surfaced: universal concern, and universal passing the buck. It’s kind of like littering the workplace but then thinking, “Oh, no problem, the custodian will mop it up.”

  • People are failing to appreciate the risk of leaving personal data on work systems.
  • They aren’t getting the memo that bringing sensitive data home to personal devices is risky.
  • Web browsing, social sharing and e-mail activities aren’t being done judiciously enough—giving rise to phishing-based invasions.

IT professionals are only as good as their weakest link: the rest of the employees who refuse to play a role in company security will bring down the ship.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

5 Tips to Becoming Digitally Secure

Your digital life and your physical life coexist like land and sky which meet at the horizon all day and night. This means while you are present here on the ground, you also exist online. Coming to terms with this reality will help you make better decisions about securing that online self.

  1. Get device proficient: On a laptop, desktop, Mac, tablet, or smartphone, figure out what you’re doing. Take the time to learn enough about your electronics to become an expert on them.
  2. Become socially savvy: Use your devices to communicate socially. Keep in mind that online is forever. Consider that years from now, that information could be damaging or embarrassing. Assume everything you post is public and will be searchable forever, even with the strongest privacy settings available.
  3. Google your online reputation: Search your name and see what’s being said. There are plenty of websites that know who you are and mention you in some fashion. Creating your online persona socially will help establish your online presence.
  4. Invest in security: It’s not just your PCs—your identity, hardware and software are being targeted by criminals 24/7/365. Use common sense and know that if it looks too good to be true, it probably is. Today’s tools can insulate you from many criminal tactics and even help you locate a missing device. Whenever using free wireless, know that chances are someone is snooping on your communications. Get a VPN (Virtual Private Network)to protect your digital communications.
  5. Use effective passwords: “Princess” and “123456” are not strong passwords. Combine uppercase and lowercase letters with numbers and other characters.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Robert’s FREE ebook text- SECURE Your@emailaddress -to 411247.

Digital Security Improves Our Lives

Our lives depend on the convenience of digital and require the security behind the scenes. Take contactless payment for example. Contactless payments are a faster, more convenient alternative to cash when making small purchases at fast food restaurants, convenience stores, and transport terminals. They are also ideal for remote or unattended payment situations, such as vending machines, road tolls, or parking meters.

These transactions are protected by multiple layers of security, which protect both retailers and consumers.

Some of these security features are incorporated within a card’s microprocessor chip, while others are part of the same networks that protect traditional credit and debit card transactions.

Think about how much more “digital” our lives have become. Digital assets include: entertainment files (e.g., music downloads), personal memories (e.g., photographs), personal communications (e.g., emails), personal records (e.g., health, financial, insurance) and career information (e.g., resumes, portfolios, cover letters, contacts), as well as any creative projects or hobbies involving digital files.

Every bit of this adds up to “more and better.” By this, I offer an example. I have a seven-year-old daughter who has evolved into a smarter, more well-rounded and aware child than I ever was. And, with the comfort of digital security, the technology that we expose her to makes much of that possible.

And this exposure is ubiquitous. While many people protect their PCs and digital assets from malware by installing antivirus software, they leave the doors open to criminals when it comes to smartphones, tablets and Macs, however. Bad guys are now targeting these devices, as their users’ complacency has made breaking into these devices the path of least resistance. Now more than ever, a multi-device security strategy is necessary.

But don’t fret. Enjoy your technology, be smart about it and make sure to exercise your security muscles.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Securing New Digital Devices

Laptops, desktops, Macs, mobiles, and tablets are on many people’s wish lists this holiday season. Once these shiny new devices are connected to the Internet, they will be under siege by malware created by criminals in order to steal identities.

According to a recent McAfee survey, 60% of consumers now own at least three digital devices, and 25% own at least five. Cybercriminals are taking advantage of these new opportunities by widening their nets to target a variety of devices and platforms. McAfee Labs is reporting an increase in Mac and mobile malware, while PC threats also continue to escalate.

Mobiles: Mobile malware is on the rise, and Android is now the most targeted platform.  Attacks aimed at the Android platform increased 76% from the first to second quarters of 2011. Malicious applications are a main threat area, so be careful of third party applications, and only download from a reputable app store. Read other users’ reviews and make sure you are aware of the access permissions being granted to each app.

Macs, iPads, and iPhones: Unfortunately, the popularity of Apple computers and devices has led to escalated threats. As of late 2010, there were 5,000 pieces of malware targeting the Mac platform, and they have been increasing at a rate of about 10% each month.

Since more threats are being aimed at this platform, consider installing security software for your Mac as a proactive measure. Check out Apple’s new iCloud service, which provides several tools for syncing, backing up, and securing data, and consider a product that offers remote locate, wipe, and restore features in case of loss.

Laptops and desktops: Your security software should include, at a minimum, antivirus software with cloud computing, a two-way firewall, anti-spyware, anti-phishing, and safe search capabilities. Additional levels of protection include anti-spam, parental controls, wireless network protection, and anti-theft protection to encrypt sensitive financial documents.

Gaming and entertainment devices: Remember that the Nintendo Wii and 3DS, PlayStation 3, and Xbox 360 are now Internet-connected, making them vulnerable to many of the same threats as PCs. To protect your investment, make reliable backup copies of your games. Take advantage of built-in parental controls that can help shield kids from violent games or limit when the device can be used.

Some multiplayer games allow kids to play with strangers over the Internet, so if you are a parent, consider employing monitoring tools. Connect your device to secure Wi-Fi networks only, and don’t store personal information on your device.

Removable storage devices: Flash drives and portable hard drives require technologies to protect your data. Consider using a secure, encrypted USB stick, which scrambles your information to make it unreadable if your device is lost or stolen. Install security software that protects portable hard drives, and set a password.  Since removable storage devices are small and easily stolen, you should not leave them unattended.

Learn more tips from McAfee here: http://blogs.mcafee.com/consumer/securing-new-devices

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube.(Disclosures)

Losing Control of a Digital Life

We have heard it all before, once you post it on the Internet; it is no longer in your control.

Anything digital is rRepeatable. Re-peat’ a-ble: “To say again. To utter in duplication of another’s utterance. To tell to another. To do, experience, or produce again. Capable of being replicated.”

In very simple terms whatever kind of digital file it is; picture, video, audio file, email, IM, Office doc or text, it can be copy/pasted, reposted, emailed, forwarded, MMS’d. You name it.

In some cases this can be a good thing. For example if you are a musician and you aspire to make it big you create an MP3 or video and release it in as many places as possible and hope it goes viral all over the Internet.

Repeatable media can be used to make a point. In Korea a woman allowed her dog to go No 2 on a train and refused to clean it up. Someone on that train took a photo of her and the “2”. That photo shamed her into compliance worldwide.

In other situations this can be embarrassing for some. In 2003 a 15-year-old from Canada was filmed by classmates in an embarrassing video of him getting all “Luke Skywalker” with a golf-ball retriever like it was a light saber. The clip “Star Wars Kid,” was viewed 900 million times online by 2006. This was not the kind of attention he could handle and it had a very negative impact on his life.

Most people’s concern should revolve around repeatable media that damages ones online reputation. Photos of drinking alcohol to the point of intoxication that shine a light of irresponsibility have caused harm to many people.

And then there is the bizarre. Fox News reports a Massachusetts mother was horrified when she found her 7-month-old child’s photo on popular promotions site, Craigslist, advertising his own adoption. She said the photo was from her family’s blog.

What does this mean to you? Realize right now, “big brother” is the least of your concerns. I’d be more concerned about your little brother and his iPhone. Just know going forward that we are all living in the phish bowl. And mind your Ps and Qs.

Robert Siciliano personal security expert to ADT Home Security Source discussing sharing too much information online on Fox News. Disclosures.